<?

/*
*
*   Excalibur Content Management System
*   Copyright © 2008 Egor "Sontan" Kuryanovich
*
*   Based on Explay Engine v2.0 by Golovdinov Alexander
*
*   Official site: www.excms.ru
*   Contact e-mail: support@excms.ru
*
*   GNU General Public License original source:
*   http://www.gnu.org/licenses/gpl-3.0.html
*
*/


header ('Cache-control: no-cache');
header ('Content-type: text/html; charset=utf-8');

$EXCMS = 'work';
 
require_once $_SERVER['DOCUMENT_ROOT'].'/engine/functions.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/engine/connect.php';
require_once $_SERVER['DOCUMENT_ROOT'].'/engine/templates.class.php';

$theme = $SITE['site_theme'];

// Make template class
$template = new template ($_SERVER['DOCUMENT_ROOT'].'/themes/'.$theme.'/');
if ($GLOBAL_USER['user_id'] > 0) 
	$template->user = $GLOBAL_USER['user_group'];
else 
	$template->user = 'user';

require_once $_SERVER['DOCUMENT_ROOT'].'/engine/templates.php';

// Сохранеяем присланную информацию
$login_	= addslashes($_POST['login']);
$pass_		= expl_hash($_POST['pass']);

// Если не присланы данные то устанавливаем значения по умолчанию
(isset($_POST['url']))			
	? $url_ = strip_tags ($_POST['url'])				
	: $url_ = '/';

(isset($_POST['remember']))	
	? $time = time() + ($SITE['cookie_live'] * 86400)	
	: $time = 0;


if ($_GET['mod'] == "enter") 
{
	if (isset($_POST['openid_login']) && isset($_POST['openid_server'])) 
		openid_redicret ();
	elseif ($_GET['openid_mode'] == "id_res") 
		get_params ();
	else 
	{
		if ($login_ == '' || $pass_ == '') 
			print_big_authorization ('Не заполнено одно из полей', $url_);
		else 
		{
			$get_login = $db->query ("SELECT * FROM ".DB_PEREFIX."_users WHERE user_login = '$login_' && user_password = '$pass_'");
			if ($db->num_rows($get_login) == 1) 
			{
				$glog = $db->fetch_array($get_login);			
				
				setcookie ('login', $login_, $time, '/', $_SERVER['HTTP_HOST']);
				setcookie ('pass', $pass_, $time, '/', $_SERVER['HTTP_HOST']);
				
				big_message ('Добро пожаловать, '.$glog['user_name'].'!', $url_);
			}
			else print_big_authorization ('Неправильный логин или пароль', $url_);
		}
	}
}
elseif ($_GET['mod'] == "out") 
{
	setcookie ('login', 'false', time()-3600, '/', $_SERVER['HTTP_HOST']);
	setcookie ('pass', 'false', time()-3600, '/', $_SERVER['HTTP_HOST']);
		
	big_message ('До встречи!', '/');
	session_destroy();
} 
else 
{	
	print_big_authorization ("Вход в систему", "/");
}

function openid_redicret () 
{
	global $url_, $SITE;

	require('engine/openid.class.php');
	
	
	$openid = new SimpleOpenID;
	
	$id = trim ($_POST['openid_login']) . '.' . trim ($_POST['openid_server']);
	$id = str_replace ('http://', '', $id);
	$id = "http://$id";
	if (substr($id, strlen($id)-2, strlen($id)-1) != '/') $id = $id.'/';
	
	$openid->SetIdentity($id);
	$openid->SetTrustRoot('http://'. $_SERVER['HTTP_HOST'] .'/');
	$openid->SetRequiredFields(array('fullname'));
	//$openid->SetOptionalFields(array('dob','gender','postcode','country','language'));
	
	if ($openid->GetOpenIDServer()){
		
		(isset ($_POST['openid_remember'])) 
			? $_SESSION['rem_time'] = time() + ($SITE['cookie_live'] * 86400) 
			: $_SESSION['rem_time'] = 0;

		$_SESSION['save_location'] = $url_;
		
		$openid->SetApprovedURL('http://'. $_SERVER['HTTP_HOST'] .'/login.html');
		$openid->Redirect();
	}
	else print_big_authorization ("Невозможно найти OpenID сервер! $id", $url_);
}



function get_params () 
{
	
	global $time;

	require('engine/openid.class.php');
	
	
	$openid = new SimpleOpenID;
	
	
	$openid->SetIdentity($_GET['openid_identity']);
	$openid_validation_result = $openid->ValidateWithServer();
	if ($openid_validation_result == true) { 
		
		
		$fullname = strip_tags ($_GET['openid_sreg_fullname']);
		if ($fullname == "") { print_big_authorization ("Ошибка OpenID сервера!", $_SESSION['save_location']); exit; }
		
		setcookie ("openid", urlencode ($_GET['openid_identity']."==".$fullname), $_SESSION['rem_time'], '/', $_SERVER['HTTP_HOST'], 0);
				
		big_message ("Добро пожаловать, $fullname!", $_SESSION['save_location']);
		
		
				
	}
	else print_big_authorization ("Ошибка OpenID сервера!", $_SESSION['save_location']);

}
